#!/bin/bash # APISIX SSL 证书管理器安装脚本 set -e SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" SYSTEMD_DIR="/etc/systemd/system" echo "开始安装 APISIX SSL 证书管理器..." # 检查 Python3 if ! command -v python3 &> /dev/null; then echo "错误: 未找到 python3,请先安装 Python 3" exit 1 fi # 检查 Certbot if ! command -v certbot &> /dev/null; then echo "警告: 未找到 certbot,请先安装 certbot" echo "Ubuntu/Debian: sudo apt-get install certbot" echo "CentOS/RHEL: sudo yum install certbot" fi # 安装 Python 依赖 echo "安装 Python 依赖..." if command -v uv &> /dev/null; then echo "使用 uv 安装依赖..." uv pip install --system -r "$SCRIPT_DIR/requirements.txt" else echo "使用 pip3 安装依赖..." pip3 install -r "$SCRIPT_DIR/requirements.txt" fi # 创建必要的目录 echo "创建必要的目录..." sudo mkdir -p /var/www/certbot sudo mkdir -p /var/lib/apisix-ssl-manager sudo mkdir -p /var/log # 设置权限 echo "设置文件权限..." sudo chmod +x "$SCRIPT_DIR/ssl_manager.py" sudo chmod +x "$SCRIPT_DIR/route_watcher.py" sudo chmod +x "$SCRIPT_DIR/certbot_deploy_hook.sh" sudo chown -R www-data:www-data /var/www/certbot 2>/dev/null || true # 安装 systemd 服务 echo "安装 systemd 服务..." if [ -d "$SCRIPT_DIR/systemd" ]; then sudo cp "$SCRIPT_DIR/systemd/"*.service "$SYSTEMD_DIR/" sudo cp "$SCRIPT_DIR/systemd/"*.timer "$SYSTEMD_DIR/" 2>/dev/null || true # 重新加载 systemd sudo systemctl daemon-reload echo "systemd 服务已安装" echo "" echo "启用服务:" echo " sudo systemctl enable apisix-ssl-renew.timer" echo " sudo systemctl start apisix-ssl-renew.timer" echo " sudo systemctl enable apisix-route-watcher.service" echo " sudo systemctl start apisix-route-watcher.service" fi echo "" echo "安装完成!" echo "" echo "下一步:" echo "1. 如需修改配置,编辑 Python 文件中的 DEFAULT_CONFIG:" echo " - ssl_manager.py(主脚本配置)" echo " - test_ssl_auto.py(测试脚本配置)" echo " 或通过环境变量覆盖配置" echo "2. 测试申请证书: python3 $SCRIPT_DIR/ssl_manager.py request --domain example.com" echo "3. 启用自动续期: sudo systemctl enable apisix-ssl-renew.timer" echo "4. 启动路由监听: sudo systemctl enable apisix-route-watcher.service"